package com.example.springsecuritydemo.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("test")
public class HelloController {

    @RequestMapping("hello")
    public String hello(){
        return "hello springsercutiy";
    }

    @RequestMapping("index")
    public String index(){
        return "hello index";
    }

   // @Secured({"ROLE_sale","ROLE_manager"})
   //@PreAuthorize("hasAnyAuthority('admins')")
    @PostAuthorize("hasAnyAuthority('admins')")
    @RequestMapping("update")
    public String update(){
        String
        System.out.println("先输出....");
        return "hello update";
    }
}
